GHSA-QRWJ-VH9X-GW5V: Cross-Agent Server-Side Request Forgery and Remote Code Execution in Coder Workspace Agent
Vulnerability ID: GHSA-QRWJ-VH9X-GW5V
CVSS Score: 8.0
Published: 2026-07-06
An insecure redirect vulnerability in Coder allows an authenticated attacker who controls a workspace agent to perform unauthorized cross-agent file operations and achieve remote code execution in other workspaces. By exploiting default redirect-following behavior in the control-plane's HTTP client, a malicious agent can redirect legitimate requests to a victim's deterministic tailnet IP address.
TL;DR
Insecure HTTP redirect handling in the Coder control plane allows a compromised agent to spoof requests to other workspace agents, enabling cross-tenant file writes and arbitrary code execution.
⚠️ Exploit Status: POC
Technical Details
- CWE ID: CWE-918 (Server-Side Request Forgery)
- Attack Vector: Network (AV:N)
- CVSS: 8.0 (High)
- EPSS Score: Not Available
- Impact: Remote Code Execution (RCE) / Unauthorized File Access
- Exploit Status: PoC (Proof of Concept)
- KEV Status: Not Listed
Affected Systems
- Coder Workspace Agent Client
Mitigation Strategies
- Upgrade Coder deployment control plane and agent binaries to a patched version immediately.
- Monitor workspace logs for unexpected redirection requests or unauthorized access attempts.
Remediation Steps:
- Identify all running Coder deployments and verify current versioning.
- Download and install the appropriate patch release based on your version stream (v2.34.4, v2.33.10, v2.32.9, or v2.29.19).
- Restart the coderd control plane daemon to enforce the client configuration changes.
- Configure log aggregators to alert on the string 'blocked workspace agent API request to unintended host'.
References
Read the full report for GHSA-QRWJ-VH9X-GW5V on our website for more details including interactive diagrams and full exploit analysis.
Top comments (0)